################################################################################ # Cluster ################################################################################ output "cluster_arn" { description = "The Amazon Resource Name (ARN) of the cluster" value = try(aws_eks_cluster.this[0].arn, "") } output "cluster_certificate_authority_data" { description = "Base64 encoded certificate data required to communicate with the cluster" value = try(aws_eks_cluster.this[0].certificate_authority[0].data, "") } output "cluster_endpoint" { description = "Endpoint for your Kubernetes API server" value = try(aws_eks_cluster.this[0].endpoint, "") } output "cluster_id" { description = "The name/id of the EKS cluster. Will block on cluster creation until the cluster is really ready" value = try(aws_eks_cluster.this[0].id, "") } output "cluster_oidc_issuer_url" { description = "The URL on the EKS cluster for the OpenID Connect identity provider" value = try(aws_eks_cluster.this[0].identity[0].oidc[0].issuer, "") } output "cluster_version" { description = "The Kubernetes version for the cluster" value = try(aws_eks_cluster.this[0].version, "") } output "cluster_platform_version" { description = "Platform version for the cluster" value = try(aws_eks_cluster.this[0].platform_version, "") } output "cluster_status" { description = "Status of the EKS cluster. One of `CREATING`, `ACTIVE`, `DELETING`, `FAILED`" value = try(aws_eks_cluster.this[0].status, "") } output "cluster_primary_security_group_id" { description = "Cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication. Referred to as 'Cluster security group' in the EKS console" value = try(aws_eks_cluster.this[0].vpc_config[0].cluster_security_group_id, "") } ################################################################################ # KMS Key ################################################################################ output "kms_key_arn" { description = "The Amazon Resource Name (ARN) of the key" value = module.kms.key_arn } output "kms_key_id" { description = "The globally unique identifier for the key" value = module.kms.key_id } output "kms_key_policy" { description = "The IAM resource policy set on the key" value = module.kms.key_policy } ################################################################################ # Cluster Security Group ################################################################################ output "cluster_security_group_arn" { description = "Amazon Resource Name (ARN) of the cluster security group" value = try(aws_security_group.cluster[0].arn, "") } output "cluster_security_group_id" { description = "ID of the cluster security group" value = try(aws_security_group.cluster[0].id, "") } ################################################################################ # Node Security Group ################################################################################ output "node_security_group_arn" { description = "Amazon Resource Name (ARN) of the node shared security group" value = try(aws_security_group.node[0].arn, "") } output "node_security_group_id" { description = "ID of the node shared security group" value = try(aws_security_group.node[0].id, "") } ################################################################################ # IRSA ################################################################################ output "oidc_provider" { description = "The OpenID Connect identity provider (issuer URL without leading `https://`)" value = try(replace(aws_eks_cluster.this[0].identity[0].oidc[0].issuer, "https://", ""), "") } output "oidc_provider_arn" { description = "The ARN of the OIDC Provider if `enable_irsa = true`" value = try(aws_iam_openid_connect_provider.oidc_provider[0].arn, "") } ################################################################################ # IAM Role ################################################################################ output "cluster_iam_role_name" { description = "IAM role name of the EKS cluster" value = try(aws_iam_role.this[0].name, "") } output "cluster_iam_role_arn" { description = "IAM role ARN of the EKS cluster" value = try(aws_iam_role.this[0].arn, "") } output "cluster_iam_role_unique_id" { description = "Stable and unique string identifying the IAM role" value = try(aws_iam_role.this[0].unique_id, "") } ################################################################################ # EKS Addons ################################################################################ output "cluster_addons" { description = "Map of attribute maps for all EKS cluster addons enabled" value = aws_eks_addon.this } ################################################################################ # EKS Identity Provider ################################################################################ output "cluster_identity_providers" { description = "Map of attribute maps for all EKS identity providers enabled" value = aws_eks_identity_provider_config.this } ################################################################################ # CloudWatch Log Group ################################################################################ output "cloudwatch_log_group_name" { description = "Name of cloudwatch log group created" value = try(aws_cloudwatch_log_group.this[0].name, "") } output "cloudwatch_log_group_arn" { description = "Arn of cloudwatch log group created" value = try(aws_cloudwatch_log_group.this[0].arn, "") } ################################################################################ # Fargate Profile ################################################################################ output "fargate_profiles" { description = "Map of attribute maps for all EKS Fargate Profiles created" value = module.fargate_profile } ################################################################################ # EKS Managed Node Group ################################################################################ output "eks_managed_node_groups" { description = "Map of attribute maps for all EKS managed node groups created" value = module.eks_managed_node_group } output "eks_managed_node_groups_autoscaling_group_names" { description = "List of the autoscaling group names created by EKS managed node groups" value = flatten([for group in module.eks_managed_node_group : group.node_group_autoscaling_group_names]) } ################################################################################ # Self Managed Node Group ################################################################################ output "self_managed_node_groups" { description = "Map of attribute maps for all self managed node groups created" value = module.self_managed_node_group } output "self_managed_node_groups_autoscaling_group_names" { description = "List of the autoscaling group names created by self-managed node groups" value = [for group in module.self_managed_node_group : group.autoscaling_group_name] } ################################################################################ # Additional ################################################################################ output "aws_auth_configmap_yaml" { description = "[DEPRECATED - use `var.manage_aws_auth_configmap`] Formatted yaml output for base aws-auth configmap containing roles used in cluster node groups/fargate profiles" value = templatefile("${path.module}/templates/aws_auth_cm.tpl", { eks_managed_role_arns = distinct(compact([for group in module.eks_managed_node_group : group.iam_role_arn])) self_managed_role_arns = distinct(compact([for group in module.self_managed_node_group : group.iam_role_arn if group.platform != "windows"])) win32_self_managed_role_arns = distinct(compact([for group in module.self_managed_node_group : group.iam_role_arn if group.platform == "windows"])) fargate_profile_pod_execution_role_arns = distinct(compact([for group in module.fargate_profile : group.fargate_profile_pod_execution_role_arn])) } ) }